MESM Privacy Policy

  1. An overview of data protection

    General

    The following gives a simple overview of what happens to your personal information when you visit our website. Personal information is any data with which you could be personally identified. Detailed information on the subject of data protection can be found in our privacy policy found below.

    Data collection on our website

    Who is responsible for the data collection on this website?

    The data collected on this website are processed by MESM. MESM’s contact details can be found in this legal notice.

    How do we collect your data?

    Some data are collected when you provide it to us. This could, for example, be data you enter on a contact form.

    Other data are collected automatically by our IT systems when you visit the website. These data are primarily technical data such as the browser and operating system you are using or when you accessed the page. These data are collected automatically as soon as you enter our website.

    What do we use your data for?

    Part of the data is collected to ensure the proper functioning of the website. Other data can be used to analyze how visitors use the site.

    We may also use your information for marketing purposes under the terms of legitimate interest. You can unsubscribe at any time by sending an informal email to info@mesm requesting we do not send you marketing material.

    What rights do you have regarding your data?

    You always have the right to request information about your stored data, its origin, its recipients, and the purpose of its collection at no charge. You also have the right to request that it be corrected, blocked, or deleted. You can contact us at any time using the address given in the legal notice if you have further questions about the issue of privacy and data protection. You may also, of course, file a complaint with the competent, relevant, regulatory authorities.

    Analytics and third-party tools

    When visiting our website, statistical analyses may be made of your surfing behavior. This happens primarily using cookies and analytics. The analysis of your surfing behavior is usually anonymous, i.e. we will not be able to identify you from this data. You can object to this analysis or prevent it by not using certain tools. Detailed information can be found in the following privacy policy.

    You can object to this analysis. We will inform you below about how to exercise your options in this regard.

  2. General information and mandatory information

    Data protection

    The operators of this website take the protection of your personal data very seriously. We treat your personal data as confidential and in accordance with the statutory data protection regulations and this privacy policy.

    If you use this website, various pieces of personal data will be collected. Personal information is any data with which you could be personally identified. This privacy policy explains what information we collect and what we use it for. It also explains how and for what purpose this happens.

    Please note that data transmitted via the internet (e.g. via email communication) may be subject to security breaches. Complete protection of your data from third-party access is not possible, however all information gathered on the MESM website is stored and maintained in secure facilities. Our current security technology is Secured Socket Layer (SSL).

    Notice concerning the party responsible for this website

    The party responsible for processing data on this website is:

    MESM Ltd
    The Solutions Hub
    Chorley
    Lancashire
    PR7 7EL

    Telephone: + 44 (0) 1772 425 985
    Email: info@mesm.com

    The responsible party is the natural or legal person who alone or jointly with others decides on the purposes and means of processing personal data (names, email addresses, etc.).

    Revocation of your consent to the processing of your data

    Many data processing operations are only possible with your express consent. You may revoke your consent at any time with future effect. An informal email sent to info@mesm.com making this request is sufficient or write to MESM at the address above. The data processed before we receive your request may still be legally processed.

    Right to file complaints with regulatory authorities

    If there has been a breach of data protection legislation, the person affected may file a complaint with the competent regulatory authorities. The competent regulatory authority for matters related to data protection legislation is the data protection officer of your country in which your company is headquartered.

    SSL or TLS encryption

    This site uses SSL or TLS encryption for security reasons and for the protection of the transmission of confidential content, such as the inquiries you send to us as the site operator. You can recognize an encrypted connection in your browser's address line when it changes from "http://" to "https://" and the lock icon is displayed in your browser's address bar.

    If SSL or TLS encryption is activated, the data you transfer to us cannot be read by third parties.

    Information, blocking, deletion

    As permitted by law, you have the right to be provided at any time with information free of charge about any of your personal data that is stored as well as its origin, the recipient and the purpose for which it has been processed. You also have the right to have this data corrected, blocked or deleted. You can contact us at any time using the address given above if you have further questions on the topic of personal data.

    Opposition to promotional emails

    We hereby expressly prohibit the use of contact data published in the context of website legal notice requirements with regard to sending promotional and informational materials not expressly requested. The website operator reserves the right to take specific legal action if unsolicited advertising material, such as email spam, is received.

  3. Data protection officer

    Statutory data protection officer

    MESM is part of the Avantor/VWR group of companies and as such they have appointed a data protection officer for our company. You can contact the Data Protection Office via

    MESM Ltd
    Data Protection Officer
    The Solutions Hub
    Chorley
    Lancashire
    PR7 7EL

    Or email: DPO@vwr.com

    Questions regarding this Privacy Policy should be directed to the Data Protection Officer as above.

  4. Data collection on our website

    Cookies

    Some of our web pages use cookies. Cookies do not harm your computer and do not contain any viruses. Cookies help make our website more user-friendly, efficient, and secure. Cookies are small text files that are stored on your computer and saved by your browser.

    Most of the cookies we use are so-called "session cookies." They are automatically deleted after your visit. Other cookies remain in your device's memory until you delete them. These cookies make it possible to recognize your browser when you next visit the site.

    You can configure your browser to inform you about the use of cookies so that you can decide on a case-by-case basis whether to accept or reject a cookie. Alternatively, your browser can be configured to automatically accept cookies under certain conditions or to always reject them, or to automatically delete cookies when closing your browser. Disabling cookies may limit the functionality of this website.

    Cookies which are necessary to allow electronic communications or to provide certain functions you wish to use (are stored pursuant to Art. 6 paragraph 1, letter f of GDPR. The website operator has a legitimate interest in the storage of cookies to ensure an optimized service provided free of technical errors. If other cookies (such as those used to analyze your surfing behavior) are also stored, they will be treated separately in this privacy policy.

    Server log files

    The website provider automatically collects and stores information that your browser automatically transmits to us in "server log files". These are:

    • Browser type and browser version
    • Operating system used
    • Referrer URL
    • Host name of the accessing computer
    • Time of the server request
    • IP address

    These data will not be combined with data from other sources.

    The basis for data processing is Art. 6 (1) (f) GDPR, which allows the processing of data to fulfill a contract or for measures preliminary to a contract.

    Contact form

    Should you send us questions via any contact form on the MESM website (mesm.com), we will collect the data entered on the form, including the contact details you provide, to answer your question and any follow-up questions and provide any marketing materials as such to answer questions or information as requested in these contact forms. We do not share this information without your permission.

    We will, therefore, process any data you enter onto the contact form only with your consent per Art. 6 (1)(a) GDPR. You may revoke your consent at any time. An informal email sent to info@mesm.com making this request is sufficient or write to MESM at the address above Data processed before we receive your request may still be legally processed.

    We will retain the data you provide on the contact form until you request its deletion, revoke your consent for its storage, or the purpose for its storage no longer pertains (e.g. after fulfilling your request). Any mandatory statutory provisions, especially those regarding mandatory data retention periods, remain unaffected by this provision.

    Registration on this website

    You can register on our website in order to access additional functions offered here. The input data will only be used for the purpose of using the respective site or service for which you have registered. The mandatory information requested during registration must be provided in full. Otherwise, we will reject your registration.

    To inform you about important changes such as those within the scope of our site or technical changes, we will use the email address specified during registration.

    We will process the data provided during registration only based on your consent per Art. 6 (1)(a) GDPR. You may revoke your consent at any time with future effect. An informal email sent to info@mesm.com making this request is sufficient or write to MESM at the address above. The data processed before we receive your request may still be legally processed.

    We will continue to store the data collected during registration for as long as you remain registered on our website. Statutory retention periods remain unaffected.

  5. Social media

    Twitter plugin

    Functions of the Twitter service have been integrated into our website and app. These features are offered by Twitter Inc., 1355 Market Street, Suite 900, San Francisco, CA 94103, USA. When you use Twitter and the “Retweet” function, the websites you visit are connected to your Twitter account and made known to other users. In doing so, data will also be transferred to Twitter. We would like to point out that, as the provider of these pages, we have no knowledge of the content of the data transmitted or how it will be used by Twitter. For more information on Twitter's privacy policy, please go to https://twitter.com/privacy.

    Your privacy preferences with Twitter can be modified in your account settings at https://twitter.com/account/settings.

    LinkedIn plugin

    Our site uses functions from the LinkedIn network. The service is provided by LinkedIn Corporation, 2029 Stierlin Court, Mountain View, CA 94043, USA.

    Each time one of our pages containing LinkedIn features is accessed, your browser establishes a direct connection to the LinkedIn servers. LinkedIn is informed that you have visited our web pages from your IP address. If you use the LinkedIn “Recommend” button and are logged into your LinkedIn account, it is possible for LinkedIn to associate your visit to our website to your user account. We would like to point out that, as the provider of these pages, we have no knowledge of the content of the data transmitted or how it will be used by LinkedIn.

    More information can be found in the LinkedIn privacy policy at https://www.linkedin.com/legal/privacy-policy.

  6. Analytics and advertising

    Google Analytics

    This website uses Google Analytics, a web analytics service. It is operated by Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.

    Google Analytics uses so-called "cookies". These are text files that are stored on your computer and that allow an analysis of the use of the website by you. The information generated by the cookie about your use of this website is usually transmitted to a Google server in the USA and stored there.

    Google Analytics cookies are stored based on Art. 6 (1) (f) GDPR. The website operator has a legitimate interest in analyzing user behavior to optimize both its website and its advertising.

    Browser plugin

    You can prevent these cookies being stored by selecting the appropriate settings in your browser. However, we wish to point out that doing so may mean you will not be able to enjoy the full functionality of this website. You can also prevent the data generated by cookies about your use of the website (incl. your IP address) from being passed to Google, and the processing of these data by Google, by downloading and installing the browser plugin available at the following link: https://tools.google.com/dlpage/gaoptout?hl=en.

    Objecting to the collection of data

    You can prevent the collection of your data by Google Analytics by clicking on the following link. An opt-out cookie will be set to prevent your data from being collected on future visits to this site: Disable Google Analytics.

    For more information about how Google Analytics handles user data, see Google's privacy policy: https://support.google.com/analytics/answer/6004245?hl=en.

    Outsourced data processing

    We have entered into an agreement with Google for the outsourcing of our data processing and fully implement the strict requirements of the data protection authorities when using Google Analytics.

    Google Analytics Remarketing

    Our websites use the features of Google Analytics Remarketing combined with the cross-device capabilities of Google AdWords and DoubleClick. This service is provided by Google Inc., 1600 Amphitheater Parkway, Mountain View, CA 94043, USA.

    This feature makes it possible to link target audiences for promotional marketing created with Google Analytics Remarketing to the cross-device capabilities of Google AdWords and Google DoubleClick. This allows advertising to be displayed based on your personal interests, identified based on your previous usage and surfing behavior on one device (e.g. your mobile phone), on other devices (such as a tablet or computer).

    Once you have given your consent, Google will associate your web and app browsing history with your Google Account for this purpose. That way, any device that signs in to your Google Account can use the same personalized promotional messaging.

    To support this feature, Google Analytics collects Google-authenticated IDs of users that are temporarily linked to our Google Analytics data to define and create audiences for cross-device ad promotion.

    You can permanently opt out of cross-device remarketing/targeting by turning off personalized advertising in your Google Account; follow this link: https://www.google.com/settings/ads/onweb/.

    The aggregation of the data collected in your Google Account data is based solely on your consent, which you may give or withdraw from Google per Art. 6 (1) (a) GDPR. For data collection operations not merged into your Google Account (for example, because you do not have a Google Account or have objected to the merge), the collection of data is based on Art. 6 (1) (f) GDPR. The website operator has a legitimate interest in analyzing anonymous user behavior for promotional purposes.

    For more information and the Google Privacy Policy, go to: https://www.google.com/policies/technologies/ads/.

    Google AdWords and Google Conversion Tracking

    This website uses Google AdWords. AdWords is an online advertising program from Google Inc., 1600 Amphitheater Parkway, Mountain View, CA 94043, United States ("Google").

    As part of Google AdWords, we use so-called conversion tracking. When you click on an ad served by Google, a conversion tracking cookie is set. Cookies are small text files that your internet browser stores on your computer. These cookies expire after 30 days and are not used for personal identification of the user. Should the user visit certain pages of the website and the cookie has not yet expired, Google and the website can tell that the user clicked on the ad and proceeded to that page.

    Each Google AdWords advertiser has a different cookie. Thus, cookies cannot be tracked using the website of an AdWords advertiser. The information obtained using the conversion cookie is used to create conversion statistics for the AdWords advertisers who have opted for conversion tracking. Customers are told the total number of users who clicked on their ad and were redirected to a conversion tracking tag page. However, advertisers do not obtain any information that can be used to personally identify users. If you do not want to participate in tracking, you can opt-out of this by easily disabling the Google Conversion Tracking cookie by changing your browser settings. In doing so, you will not be included in the conversion tracking statistics.

    Conversion cookies are stored based on Art. 6 (1) (f) GDPR. The website operator has a legitimate interest in analyzing user behavior to optimize both its website and its advertising.

    For more information about Google AdWords and Google Conversion Tracking, see the Google Privacy Policy: https://www.google.de/policies/privacy/.

    You can configure your browser to inform you about the use of cookies so that you can decide on a case-by-case basis whether to accept or reject a cookie. Alternatively, your browser can be configured to automatically accept cookies under certain conditions or to always reject them, or to automatically delete cookies when closing your browser. Disabling cookies may limit the functionality of this website.

  7. Plugins and tools

    YouTube

    Our website uses plugins from YouTube, which is operated by Google. The operator of the pages is YouTube LLC, 901 Cherry Ave., San Bruno, CA 94066, USA.

    If you visit one of our pages featuring a YouTube plugin, a connection to the YouTube servers is established. Here the YouTube server is informed about which of our pages you have visited.

    If you're logged in to your YouTube account, YouTube allows you to associate your browsing behavior directly with your personal profile. You can prevent this by logging out of your YouTube account.

    YouTube is used to help make our website appealing. This constitutes a justified interest pursuant to Art. 6 (1) (f) GDPR.

    Further information about handling user data, can be found in the data protection declaration of YouTube under https://www.google.de/intl/de/policies/privacy.

    Google Maps

    This site uses the Google Maps map service via an API. It is operated by Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.

    To use Google Maps, it is necessary to save your IP address. This information is generally transmitted to a Google server in the USA and stored there. The provider of this site has no influence on this data transfer.

    The use of Google Maps is in the interest of making our website appealing and to facilitate the location of places specified by us on the website. This constitutes a justified interest pursuant to Art. 6 (1) (f) GDPR.

    Further information about handling user data, can be found in the data protection declaration of Google at https://www.google.de/intl/de/policies/privacy/.

 

MESM GDPR Privacy Policy for Applicants

  1. Introduction

    1. MESM is a "data controller". This means that we are responsible for deciding how we hold and use personal information about you.
    2. You are being sent a copy of this privacy notice because you are applying for work with us (whether as an employee, worker or contractor). It makes you aware of how and why your personal data will be used, namely for the purposes of the recruitment exercise, and how long it will usually be retained for. It provides you with certain information that must be provided under the General Data Protection Regulation ((EU) 2016/679) and all applicable regulations, domestic legislation, successor legislation relating to the protection of individuals with regards to the processing of personal data to which the Company and any Group Company is subject to (GDPR).


  2. Data protection principles

    1. We will comply with data protection law and principles, which means that your data will be:
      1. Used lawfully, fairly and in a transparent way.
      2. Collected only for valid purpose that we have clearly explained to you and not used in any way that is incompatible with these purposes.
      3. Relevant to the purposes we have told you about and limited only to those purposes.
      4. Accurate and kept up to date.
      5. Kept only as long as necessary for the purposes we have told you about.
      6. Kept securely.


  3. The kind of information we hold about you

    1. In connection with your application for work with us, we will collect, store, and use the following categories of personal information about you:

      1. The information you have provided to us in your curriculum vitae and covering letter.
      2. Any information you have provided about your current level of remuneration or employment benefits.
      3. Any information you have provided relevant to requesting that we make reasonable adjustments during the recruitment process, including whether or not you have a disability.
      4. Any information about your entitlement to work in the UK.
      5. Any information you provide to us during an interview.
      6. Any test results and or analysis of tests undertaken such as personality, aptitude or knowledge / skills testing.
    2. We may also collect, store and use the following "special categories" of more sensitive personal information:

      1. Information about your race or ethnicity, religious beliefs, sexual orientation and political opinions.
      2. Information about your health, including any medical condition, health and sickness records.
      3. Information about criminal convictions and offences.


  4. How is your personal information collected?

    1. We collect personal information about job applicants from a variety of sources. This information may be supplied by you in application forms or CVs, contained in your passport or identity documents, or collected through interviews and other forms of assessment including online assessment.
      1. Your named referees, from whom we collect data related to your previous work experience, qualifications, aptitude, positions held and dates of employment etc.


  5. Why will we process your personal data?

    1. We need to process data to take steps at your request prior to entering into a contract with you. We also need to process your data to enter into a contract with you.
    2. In some cases, we need to process data to ensure that we are complying with legal obligations. For example, it is required to check a successful applicant's eligibility to work in the UK before employment starts.
    3. We have a legitimate interest in processing personal data during the recruitment process and for keeping records of the process. Processing data from job applicants allows the organisation to manage the recruitment process, assess and confirm a candidate's suitability for employment and decide to whom to offer a job. We may also need to process data from job applicants to respond to and defend against legal claims.
    4. We process health information if we need to make reasonable adjustments to the recruitment process for candidates who have a disability. This is to carry out our obligations and exercise specific rights in relation to employment.
    5. Where we process other special categories of data, such as information about ethnic origin, sexual orientation, health or religion or belief, this is for equal opportunities monitoring purposes.
    6. We will not use your data for any purpose other than the recruitment exercise for which you have applied.


  6. Who has access to personal data?

    1. Your information will be shared internally for the purposes of the recruitment exercise. This includes members of the HR and recruitment team, interviewers involved in the recruitment process, managers in the business area with a vacancy and IT staff if access to the data is necessary for the performance of their roles.
    2. The organisation will not share your data with third parties, unless your application for employment is successful and it makes you an offer of employment. The organisation will then share your data with former employers to obtain references for you.
    3. The organisation will not transfer your data outside the European Economic Area.


  7. If you fail to provide personal information

    1. If you fail to provide information when requested, which is necessary for us to consider your application (such as evidence of qualifications or work history), we will not be able to process your application successfully. For example, if we require references for this role and you fail to provide us with relevant details, we will not be able to take your application further.


  8. Information about criminal convictions

    1. We do not envisage that we will process information about criminal convictions.


  9. Automated decision-making

    1. You will not be subject to decisions that will have a significant impact on you based solely on automated decision-making.


  10. Data security

    1. We have put in place appropriate security measures to prevent your personal information from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal information to those employees, agents, contractors and other third parties who have a business need-to-know. They will only process your personal information on our instructions and they are subject to a duty of confidentiality.
    2. We have put in place procedures to deal with any suspected data security breach and will notify you and any applicable regulator of a suspected breach where we are legally required to do so.


  11. Data retention

    How long will you use my information for?

    1. If your application for employment is unsuccessful, we will hold your data on file for 3 years after the end of the relevant recruitment process. At the end of that period, your data is deleted or destroyed.
    2. If your application for employment is successful, personal data gathered during the recruitment process will be transferred to your personnel file and retained during your employment. The periods for which your data will be held will be provided to you in a new privacy notice at the time of your appointment.
    3. Rights of access, correction, erasure, and restriction
    4. Your rights in connection with personal information
    5. Under certain circumstances, by law you have the right to:

      1. Request access to your personal information (commonly known as a "data subject access request"). This enables you to receive a copy of the personal information we hold about you and to check that we are lawfully processing it.
      2. Request correction of the personal information that we hold about you. This enables you to have any incomplete or inaccurate information we hold about you corrected.
      3. Request erasure of your personal information. This enables you to ask us to delete or remove personal information where there is no good reason for us continuing to process it. You also have the right to ask us to delete or remove your personal information where you have exercised your right to object to processing (see below).
      4. Object to processing of your personal information where we are relying on a legitimate interest (or those of a third party) and there is something about your particular situation which makes you want to object to processing on this ground. You also have the right to object where we are processing your personal information for direct marketing purposes.
      5. Request the restriction of processing of your personal information. This enables you to ask us to suspend the processing of personal information about you, for example if you want us to establish its accuracy or the reason for processing it.
      6. Request the transfer of your personal information to another party.


    6. If you want to exercise any of these rights please contact Human Resources in writing.



  12. Am I able to withdraw my consent?

    1. In the limited circumstances where you may have provided your consent to the collection, processing and transfer of your personal information for a specific purpose, you have the right to withdraw your consent for that specific processing at any time. To withdraw your consent, please contact Human Resources. Once we have received notification that you have withdrawn your consent, we will no longer process your information for the purpose or purposes you originally agreed to, unless we have another legitimate basis for doing so in law, and as notified to you in this privacy notice.


  13. Queries or complaints about how we process your personal data

    1. If you have any questions about this privacy notice or how we handle your personal information, please contact Human Resources in writing.
    2. You have the right to make a complaint at any time to the Information Commissioner's Office (ICO), the UK regulatory authority for data protection issues.